Agile Principles in Responding to Safety Incidents in Productive Systems: a Systematic Review

Abstract

Production systems have been integrated into the digital scenario where everything is connected, driven by Industry 4.0. In this complex, and heterogeneous and interconnected environment, it is necessary to observe the pillars of information security: integrity, confidentiality and availability. To answer to information security incidents, governments and organizations maintain CSIRTs, acronym for Computer Security Incident Response Teams, which manage incidents through processes to detect, analyze, respond and learn from incidents. However, these incident response teams generally follow a rigid and hierarchical structure, indicating problems in their processes. The agile approach has been considered a good option for solving these problems since agile principles have been used in areas outside of software development and also for addressing solutions that are not very clear at the beginning, for focusing on people, on constant feedback and acceptance of constant changes The present paper aims to carry out a systematic review of the literature located in the field of response to security incidents in production systems,  in addition to agile principles and values. Thus, the research question of this article "What results are found in the literature on the use of agile principles in information security incident response processes in production systems?", resulted in six articles that address the use of agile principles in responding to information security incidents. Thus, the survey demonstrated a gap in the use of agile principles in responding to information security incidents. The result contributes demonstrating the need for further research on the use of agile principles in information security. It is envisioned that this area may have greater contributions during future research.

DOI: https://doi.org/10.56238/tfisdwv1-117